Marc Lehmann <linux-kernel@plan9.de> writes:>> The summary seems to be that the linux raid driver only protects your data> as long as all disks are fine and the machine never crashes.

"as long as the machine never crashes". That's correct. If you thinkabout how RAID 5 works there is no way around it. When a write to a single stripe is interrupted (machine crash) and you lose a diskduring the recovery a lot of data (even unrelated to the data just written)is lost. That is because there is no way to figure out what partof the data on the stripe belonged to the old and what part to the new write.

But that's nothing inherent in Linux RAID5. It's a generic problem.Pretty much all Software RAID5 implementations have it.

The only way around it is to journal all writes, to make stripeupdates atomic, but in general that's too slow unless you have abattery backed up journal device.

There are some tricks to avoid this (e.g. always write to a new disklocation and update an disk index atomically), but they tend to beheavily patented and are slower too. They also go far beyond RAID-5(use disk space less efficiently etc.) and typically need supportfrom the file system to be efficient.

RAID-1 helps a bit, because you either get the old or the new data,but not some corruption. In practice even old data can be a bigproblem though (e.g. when file system metadata is affected)

Morale: if you really care about your data backup very often anduse RAID-1 or get an expensive hardware RAID with battery backup(all the cheap "hardware RAIDs" are equally useless for this)